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Sir: 



This Reply Brief is submitted in response to the Examiner's Answer mailed July 
27, 2006. This Reply Brief is submitted in support of this appeal from a final decision of 
the Examiner, mailed April 27, 2005 and an Advisory Action mailed July 8, 2005. 
Consideration of this appeal by the Board of Patent Appeals and Interferences for 

allowance of the above-captioned patent application is respectfully requested. 
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I. REAL PARTY IN INTEREST 

The real party in interest is Adara Networks, Inc. a corporation of Florida having 
a place of business at 10 Victor Square, Scotts Valley, CA 95066. 
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II. RELATED APPEALS AND INTERFERENCES 

There are no related appeals or interferences. The present application is related to 
the following co-pending applications: 09/810,148; 09/843,789; 09/844,759; 09/844,856; 
and 09/844,857. 
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III. STATUS OF CLAIMS 

Claims 1 - 21 were finally rejected in an Office Action mailed April 27, 2005. 

Claims 12-21 have been canceled. Claims 1-1 1 are pending and are the subject of this 

appeal. 
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IV. STATUS OF AMENDMENTS 

An amendment was filed on June 20, 2005, subsequent to the Final Office Action 
mailed on April 27, 2005. The Examiner entered the amendment and confirmed the final 
rejection of claims 1-11 in an Advisory Action mailed July 8, 2005. A copy of all claims 
on appeal is attached hereto as a Claims Appendix. 
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V, SUMMARY OF CLAIMED SUBJECT MATTER 

Claim 1, the only independent claim on appeal, reads* as follows: 
A method, comprising; 

directing a client's (105) request (402) for an information object 
to an information object repository (218) without regard as to whether 
the information object is actually stored at the information object 
repository; and 

determining (404, 408), according to information included in a 
imiform resource locator (URL) whether the client is authorized to 
receive the information object. 

Claim 1 thus refers to a method of determining whether a client is authorized to receive 
content that the client is requesting from an information object repository (e.g., a cache) 
according to information included in a URL. 

Further discussion of an embodiment of this method is at paragraphs 79 et seq. of the 
present application. To summarize, the present invention includes an access control mechanism 
that allows owners of information objects (i.e., content) stored in caches or other information 
object repositories to control access thereto based on an access control label which may be 
included in the URLs for the content. (Specification at pages 35-36, paragraph 0079). Such 
control is provided, for example, by (1) assigning a set of access control labels to each user (e.g., 
network providers, content owners, etc.) for use in specifying the access control list to be used 
for a given URL, and (2) allowing the user to maintain the access control lists corresponding to 
the user's labels. (Specification at pages 35-36, paragraph 0079). 

Given a system defined by such access control labels and the corresponding access 

control lists, security may be enforced by the cache servers (or other information object 

repositories), for example by allowing each cache server to store the current access control lists 

for all active labels. (Specification at page 36, paragraph 0080). In such cases, and as shown in 

Figure 4 of the present application, in response to receiving an HTTP request with a URL (e.g., 

from a client or other network component) for an information object (i.e., content), the cache 

determines (404) whether the correct access control label included in that URL is valid (i.e., 

' Reference numbers as used in the drawings have been inserted in accordance with 37 C.F.R. § 41.37(c)(l)(v). The 
use of such reference numbers should in no way be read as Hmiting the claim to the illustrated embodiment. 
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according to the stored access control list). If not, the cache delivers an "unauthorized access" 
message to the requesting client. Otherwise, the cache further decides (408) whether additional 
client identifying information included in the URL is valid. If not, the cache delivers the 
unauthorized access message; otherwise the cache delivers the requested information object. 
(Specification at pages 36-37, paragraph 0082; page 37, paragraph 0083). 
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VI. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

Claims 1-11 were rejected under 35 U.S. C. § 103(a) as being unpatentable over 
U.S. Patent No. 6,415,323 of McCanne ("McCanne I") in view of U.S. Patent No. 
6,708,187 of Shanumgam et al. ("Shanumgam"). 
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VII. ARGUMENT 

Applicants reassert the arguments set forth in their Appeal Brief but additionally reply to 
the Examiner's Answer as follows. 

A. Claims 1 - 1 1 are patentable over McCanne I and Shanumgam. which, when 

considered in combination, fail to teach "determining, according to information 
included in a uniform resource locator (URL) whether the client is authorized to 
receive the information object ." 

The Examiner's Answer states that McCanne I and Shanumgam in combination 
disclose the use of "information included in a uniform resource locator (URL) to 
determine whether a client is authorized to receive requested content." Applicants 
respectfully disagree. 

Claim 1, the only independent claim on appeal, reads as follows: 
A method, comprising: 

directing a client's request for an information object to an 
information object repository without regard as to whether the 
information object is actually stored at the information object 
repository; and 

determining, according to information included in a uniform 
resource locator (URL) whether the client is authorized to receive the 
information object. 

Claim 1 thus refers to a method of determining whether a client is authorized to receive 
content that the client is requesting from an information object repository (e.g., a cache) 
according to information included in a URL. 

McCanne I discloses a redirection system in which packets are routed from a 
client to a service node based on topological locality. McCanne I at col. 5, II. 21 - 25. 
When the service node to which a client request is made does not have a copy of the 
requested content, additional information in the URL is used to identify the particular 
location for the content in question. McCanne I at col. 9, 11. 52 - 54. 
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By contrast, McCanne I does not disclose the limitation of claim 1 "determining, 
according to information included in a uniform resource locator (URL) whether the client 
is authorized to receive the information object." 

Therefore, McCanne I does not disclose or suggest the limitations stated in claim 1 . 

Shanumgam discloses a LDAP database synchronization scheme in which user 
domain information is used to authenticate a user for access to a network resource. 
Shanumgam at col. 5, 11. 46 - 58. Shanumgam also discloses an authentication procedure 
in which the policy enforcer engages the VPN client by requesting usemame and 
password from the VPN client. Shanumgam at col. 15, 11. 44-48. 

By contrast, Shanumgam does not disclose the limitation of claim 1 "determining, 
according to information included in a uniform resource locator (URL) whether the client 
is authorized to receive the information object." 

Therefore, Shanumgam does not disclose or suggest the limitations stated in claim 

1. 

Even if McCanne I and Shanumgam were combined, such a combination would 
lack the limitation of claim 1 "determining, according to information included in a 
uniform resource locator (URL) whether the client is authorized to receive the 
information object." 

If the authentication policy of Shanumgam were adopted in the redirection 
scheme described by McCanne I, one of ordinary skill in the art would be led to believe 
that user domain information (and NOT any URL information) should be used to 
authenticate clients as part of a content request. URL information, on the other hand, 
would be used to determine which content server to retrieve the requested content from, 
as taught by McCanne L 

Therefore, neither McCanne I nor Shanumgam, individually or in combination, 
disclose each and every limitation of claim 1. As such, claim 1 is not rendered obvious 
by McCanne I in view of Shanumgam under 35 U.S.C. § 103(a). 

Claims 2-11 depend from claim 1 and are patentable over McCanne I and 
Shanumgam for at least the same reasons as set forth above. 
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B. The combination of McCanne I and Shanumgam is based on impermissible 
hindsight and no adequate motivation or other reasons for combining these 
teachings has been presented . 

The Examiner's Answer states that it would have been obvious to combine the 
policy enforcer for authorizing users of Shanumgan with the content distribution network 
of McCanne I by providing additional access information in the URL. The Examiner's 
Answer also states that U.S. Patent No. 6,785,704 of McCanne ("McCanne 11") provides 
the motivation to combine Shanumgan with McCanne L Applicants respectfully 
disagree. 

Shanumgam discloses a unified policy management system including a central 
policy server and remotely situated policy enforcers. Private local networks are all 
coupled to a public network such as the intemet via routers and internet service providers 
as illustrated in FIG. 1. Shanumgam at col. 3, 11. 60-67. Shanumgam also discloses a 
LD AP database synchronization scheme in which user domain information is used to 
authenticate a user for access to a network resource. Each user domain has a single 
remote policy enforcer who is authorized to authenticate the user. Thus, user domains 
ensure that the authenticating agent is generally located in the same local network as the 
user. Shanumgam at col. 5, 11. 46 - 58. Thus, Shanumgam teaches physical network with 
a centralized administration and user authentication occurring within a local network. 

McCanne I discloses a redirection system with service nodes located throughout 
the network infrastructure that are coordinated across a wide area into a virtual overlay 
network that exploits scalable addressing, adaptive routing, and decentralized 
administration. Unlike a physical internetwork, where routers are directly attached to 
each other over physical links, service nodes in the virtual overlay network communicate 
with each other using the packet service providing by the underlying IP network. 
McCanne I at col. 4, 11. 30-46. When the service node to which a client request is made 
does not have a copy of the requested content, additional information in the URL is used 
to identify the particular location for the content in question. McCanne I at col. 9, 11. 52 - 
54. Thus, McCanne I teaches a virtual overlay network across a wide area network with 
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decentralized administration in which a client can attach to a service node to request 
content based on the URL. 

It is respectfully submitted that McCanne I does not suggest a combination with 
Shanumgam, and Shanumgam does not suggest a combination with McCanne I because 
McCanne I teaches away from such a combination. It would be impermissible hindsight 
to combine McCanne I with Shanumgam based on applicants' own disclosure. 

By way of contrast, if the authentication policy of Shanumgam were adopted in 
the redirection scheme described by McCanne I, one of ordinary skill in the art would be 
led to believe that user domain information authenticating within a local network (and 
NOT any URL information) should be used to authenticate clients as part of a content 
request. URL information on the other hand would be used to determine which content 
server to retrieve the requested content from, as taught by McCanne 1. 

The Examiner's Answer states McCanne ("McCanne IF') provides the motivation 
to combine Shanumgan with McCanne I. 

McCanne II discloses network interconnecting for providing content to a client. 
A request for the content is sent from the client to the redirector node that provides an 
address for a server available to serve the requested content. The redirecting can be done 
using a domain name service (DNS) server that responds to requests for domain name 
resolution that include metadata encoding for the content being requested and/or 
attributes of the resolution request other than a domain name or explicit client/redirector 
communication to perform the redirection. McCanne II at Abstract. Thus, McCanne II 
discloses a redirector system for serving a client request for content. 

It is submitted that McCanne II does not disclose a motivation to combine 
McCanne I with Shanumgan. McCanne II teaches away from Shanumgan in a manner 
similar to how McCanne I teaches away from Shanumgan. 

Consequently, the present rejections should be reversed. 
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VIII. CONCLUSION 

For at least the foregoing reasons, applicants respectfblly request reversal of the 
Examiner's rejections as set forth in the Final Office Action and request that the Board direct 
allowance of claims 1-11. 

If there are any additional fees associated with this communication, please charge our 
deposit account 02-2666. 



Respectfully submitted, 



BLAKELY, SOKOLOFF, TAYLOR & ZAFMAN LLP 



Date: 09/27/2006 




12400 Wilshire Boulevard 
Seventh Floor 



Reg. No. 31,460 



Los Angeles, CA 90025 
(408) 947-8200 
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IX. CLAIMS APPENDIX (37 C.F.R. S 41.37(cynrviim 
The claims on appeal read as follows: 

1. (Original) A method, comprising: 

directing a client's request for an information object to an information object repository 
without regard as to whether the information object is actually stored at the information 
object repository; and 

determining, according to information included in a uniform resource locator (URL) whether 
the client is authorized to receive the information object. 

2. (Original) The method of claim 1 wherein the information object repository is selected 
according to specified performance metrics. 

3. (Original) The method of claim 2 wherein the specified performance metrics comprise 
one or more of: average delay from the information object repository to the client, average 
processing delays at the information object repository, reliability of a path from the information 
object repository to the client, available bandwidth in said path, and loads on the information 
object repository. 

4. (Original) The method of claims 2 further comprising instructing the information object 
repository to obtain a copy of the information object. 
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5. (Original) The method of claim 2 wherein the information included in the URL 
comprises information identifying the requesting client. 

6. (Original) The method of claim 5 wherein the information included in the URL further 
comprises information identifying an owner of the information object. 

7. (Original) The method of claim 2 wherein the information included in the URL 
comprises one or more digital signatures. 

8. (Original) The method of claim 7 wherein the one or more digital signatures identify 
one or more of: the requesting client, and an owner of the information object. 

9. (Original) The method of claim 2 wherein the information included in the URL is 
compared with an access list at the information object repository to determine whether the client 
is authorized to receive the information object. 

10. (Original) The method of claim 2 further comprising denying access to the information 
object if the client is not authorized to receive the information object, otherwise, returning the 
information object to the client. 
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1 1 . (Original) The method of claim 2 wherein the information included in the URL 
comprises multiple digital signatures and each digital signature is compared with an access list at 
the information object repository to determine whether the client is authorized to receive the 
information object. 



Claims 12-21 (Canceled) 
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X. EVIDENCE APPENDIX 

There is no evidence being relied upon by appellant in this appeal and therefore no 
documentation to be included in this Evidence Appendix. 
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XI. RELATED PROCEEDINGS APPENDIX 

There are no related proceedings and therefore no documentation to be included in this 
Related Proceedings Appendix. 
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